The tension goes up a notch between Meta and the Data Protection Commission (DPC), the Irish equivalent of the CNIL.
According to press reports, the DPC informed its European counterparts on Thursday of a draft order aimed at preventing Meta from sending the data of its European users to the United States, in the absence of a framework. transatlantic on data transfer.
Since the invalidation of the Privacy Shield in July 2020, data flows continue to operate, on the basis of standard contractual clauses which certainly do not have the same weight as a framework agreement, but have been the subject of some changes after the GDPR and the Schrems II judgment.
A long overdue Privacy Shield 2.0
This initiative launched by the Irish DPC comes in a stormy context. The Irish commission had already opened an investigation against Meta in September 2020 aimed at blocking the mechanism used by the platform to transfer its users’ data to the United States.
This time around, European users could be deprived of Facebook and Instagram this summer. European regulators contacted by the Irish commission – which acts as the lead authority for a large number of tech giants – have a month to give their opinion.
Reuters reports that a spokesperson for Meta said on Thursday that “this draft decision, which is under review by European data protection authorities, concerns a conflict of European and US laws that is currently being resolved.”
As a reminder, the European Commission and the United States signed a political agreement in March 2022 to find an heir to the Privacy Shield. But this agreement in principle, which comes after months of negotiations, has so far led to nothing concrete.